IPTables

[7calories]

Is there a feature or a way to have TCAdmin open up ports on IPTables whenever necessary? Say if someone were to order a CS:S server, it would automatically create the server and open up port 27015 for that IP?

[LFA]

It is not opened automatically like Windows firewall but you can create an install script that opens the ports in Games > Select the game > Custom Scripts. Read here:

http://help.tcadmin.com/Custom_Scripts

[LFA]

I just noticed a bug with linux scripting. If you create a script with these contents:

#~/bin/bash
export > variables.txt

 

After creating a service view variables.txt and you will see the tcadmin variables exist but you can't use them because of the period: ThisService.GamePort should be ThisService_GamePort

 

I will fix it in the next update.

[7calories]

By any chance could you give me the commands necessary to open up whatever ports are necessary? I would greatly appreciate it!

[LFA]

http://www.linuxquestions.org/questions/linux-security-4/how-to-open-ports-with-iptables-237939/

 

plus whatever command you use to save the ip tables. On centos it's:

/sbin/service iptables save

[7calories]

With these commands in the custom script, TCA will automatically push IPTables to open up the necessary ports when it creates the game servers? I was looking more along the lines of what is needed to be put into the custom script to get it to open up the port it uses when it makes servers.

[LFA]

These scripts will work on the next update not on the current version:

 

Install script:

iptables -I INPUT -p udp --dport $[ThisServer_GamePort] -j ACCEPT
iptables -I INPUT -p udp --dport $[ThisServer_QueryPort] -j ACCEPT
iptables -I INPUT -p udp --dport $[ThisServer_RConPort] -j ACCEPT
/sbin/service iptables save

Uninstall script:

iptables -D INPUT -p udp --dport $[ThisServer_GamePort] -j ACCEPT
iptables -D INPUT -p udp --dport $[ThisServer_QueryPort] -j ACCEPT
iptables -D INPUT -p udp --dport $[ThisServer_RConPort] -j ACCEPT
/sbin/service iptables save

 

The iptables save command is for centos. I don't know how to save on Debian.

[7calories]

Ok, thanks perfect since its on CentOS anyway. Thank you!

 

Any ETA on next release?

[LFA]

probably early next week

[Gatsu]

Sorry to open an old thread but we have servers that have multiple IP's and we want the ports to be opened for that specific ip not across all of them.

 

    iptables -A INPUT -p tcp -d $[ThisServer_IP] --dport $[ThisServer_GamePort] -j ACCEPT
   iptables -A INPUT -p udp -d $[ThisServer_IP] --dport $[ThisServer_GamePort] -j ACCEPT

 

We wouldn't want a lot of ports left open after they cancel/leave so what could we do for removing this ports when the server is moved or deleted?

 

I have looked most places and can't really find them. Anyone have any ideas?

[LFA]

Use ${ThisService_IpAddress} and ${ThisService_GamePort}

http://help.tcadmin.com/Custom_Scripts